General
-
Target
2024-04-22_6345806c56a589bd4abf956c6996f99e_cryptolocker
-
Size
41KB
-
Sample
240422-mq923aad22
-
MD5
6345806c56a589bd4abf956c6996f99e
-
SHA1
f2f7f9c6ff2f377cec0048bd574c53134619c69e
-
SHA256
6a3d7d3936614fc34241504fef36f73a17565de0a0df6ec5638d5e43ce39cd6e
-
SHA512
3c4f67eb2de8d945d534aee39e3bee9a9b7291c91f8ea8b1fe39cce9f80b69b59f5c0df4260eb216b0d4da2f0a4f8b7d0000bb9c31bf36255ff3deb76d4c8e3f
-
SSDEEP
768:6Qz7yVEhs9+4OR7tOOtEvwDpjLHqh6/at:6j+1NMOtEvwDpjrRm
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-22_6345806c56a589bd4abf956c6996f99e_cryptolocker.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2024-04-22_6345806c56a589bd4abf956c6996f99e_cryptolocker.exe
Resource
win10v2004-20240412-en
Malware Config
Targets
Score
9/10
Detection of CryptoLocker Variants
-
Detection of Cryptolocker Samples
-
Detects executables built or packed with MPress PE compressor
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-